CVE-2021-1073
Summary: NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries...
CVE-2020-24149
Summary: Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer-secondline) plugin 1.1.4 for WordPress via the podcast_feed parameter in...
CVE-2020-27827
Summary: A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost...
CVE-2021-20094
Summary: A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this...
Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either
Elon Musk is an incredibly popular target for scammers and spammers on social media. Attach his name to something he...
DNS-over-HTTPS takes another small step towards global domination
Firefox recently announced that it will be rolling out DNS-over-HTTPS (or DoH) soon to one percent of its Canadian users...
A week in security (July 5 – July 11)
Last week on Malwarebytes Labs: Racing against a real-life ransomware attack. Podcast with Ski Kacoroski.Kaseya CEO: “The impact of this...
Four Critical Flaws Identified in Sage X3 ERP Software
Cybersecurity firm Rapid7 announced on Wednesday that it discovered four security flaws in the Sage X3 ERP software, resource, and...
15 Philips Vue Vulnerabilities Could Result in Full Takeover of the Devices
CISA has released an advisory about several vulnerabilities found in Philips Vue PACS health devices. In the hands of a...
Hackers Have Devised a New Trick to Disable Macro Security Warnings
Threat actors have found a novel method for disabling macro security warnings in malspam assaults that use non-malicious documents. Microsoft...
Dutch Institute Exposes Flaws in Kaseya – VSA Platform
In the wake of the recent catastrophic attack on its VSA platform, Kaseya collaborated with scientists to fix a bug...
DcRat – A Simple Remote Tool Written In C#
DcRat is a simple remote tool written in C# IntroductionFeaturesTCP connection with certificate verification, stable and security Server IP port...
Sx – Fast, Modern, Easy-To-Use Network Scanner
sx is the command-line network scanner designed to follow the UNIX philosophy. The goal of this project is to create...
BIOPASS malware abuses OBS Studio to spy on victims
Researchers spotted a new malware, dubbed BIOPASS, that sniffs victim’s screen by abusing the framework of Open Broadcaster Software (OBS) Studio. Researchers...
Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack
Kaseya has released a security update to address the VSA zero-day vulnerabilities exploited by REvil gang in the massive ransomware...
Magecart hackers hide stolen credit card data into images and bogus CSS files
Magecart hackers continuously improve their exfiltration techniques to evade detection, they are hiding stolen credit card data into images. Magecart...
Biden discussed Russian ransomware gangs with Putin in a phone call
President Joe Biden expressed concerns about ransomware attacks carried out by Russian gangs during a phone call with President Vladimir...
CVE-2020-23960
Summary: Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform...
CVE-2021-25440
Summary: Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an...
CVE-2020-24036
Summary: PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote...
CVE-2021-32740
Summary: Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource...
CVE-2021-28931
Summary: Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes...
Experts discussed how to fight cyberbullying on children at Cyber Polygon 2021
At the international online cybersecurity training Cyber Polygon 2021, organized by BI.ZONE, Stanislav Kuznetsov, Deputy Chairman of Sberbank, and Henrietta...
Chinese Hackers Target Taiwanese Telecom Firms
The Insikt Group, the intelligence research department of the US network security consulting firm Recorded Future, published a report on...
